On Mon, 10 Mar 1997, Greg A. Woods wrote:
> There you go! The only thing you can do for '|' (and '/') addresses in
> ~/.forward files is be very careful with making sure you're running as
> the correct user before you do the delivery. To that end I still
> strongly recommend getting all forms of seteuid() and friends out of the
> code (and using fork() for what it was designed for). Older versions of
> Smail *have* been compromised because of seteuid (on Solaris for one)....
Exim has always used fork() + setuid() for all local delivery transport
processes, both to pipes and files. There is no way you can configure it
not to do this.
The only (optional) use of seteuid() is to become the exim user (rather
than root) for the time from starting up to do deliveries to the time
when it is necessary to become the local user before running the
transport. Oh, yes, it may also use seteuid() when reading .forward
files, it is true.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714